Witam. Mam taki problem że mam strasznie zaśmiecony komputer poczytałem że program FRST usuwa te szkodliwe oprogramowania ale niestety nie potrafie go używać i chciałbym żeby ktoś mi pomogł dołączam logi z góry dziękuje za pomoc
Program FRST nie jest narzędziem które samo z siebie usunie Ci syf z kompa tylko to jest narzędzie tworzące logi które wstawiłeś na forum, i dobrze zrobiłeś. Teraz musisz zaczelać aż któryś ze specjalistów od logów je sprawdzi i zapoda Ci skrypt zrobiony na podstawie loga. Zapodajesz do programu ten skrypt i dopiero wtedy będą efekty jego działania 
Dziękuję za odpowiedź mam nadzieje że ktoś mi pomoże
Otwórz notatnik systemowy i wklej:
Task: {09A817B7-8142-4218-BA0C-A312E436E592} - System32\Tasks\{A230940E-F7EA-47AC-85C4-54F36B8117F0} = pcalua.exe -a C:\Users\Waciakooo\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=face
Task: {527EB0FF-E8D8-4B5D-9D1A-14F2BDDBC753} - System32\Tasks\SmartWeb Upgrade Trigger Task = C:\Users\Waciakooo\AppData\Local\SmartWeb\SmartWebHelper.exe ==== ATTENTION
Task: {69A625BC-25CC-406F-A436-304C536C08CD} - System32\Tasks\DrspeedyPc Secure = \secureupdater.exe ==== ATTENTION
Task: {AA422537-B943-4CA3-81DD-2B006E245240} - System32\Tasks\crash_service = C:\Users\Waciakooo\AppData\Local\BoBrowser\Application\crash_service.exe
Task: {B1818375-9ED8-4D47-B616-279B816F8EC4} - System32\Tasks\eeuMMGid = C:\Users\Waciakooo\AppData\Roaming\eeuMMGid.exe [2015-04-20] () ==== ATTENTION
Task: {B27CD080-5FCD-41AA-818F-F316403D2139} - System32\Tasks\Run_Bobby_Browser = C:\Users\Waciakooo\AppData\Local\BoBrowser\Application\bobrowser.exe ==== ATTENTION
Task: C:\Windows\Tasks\eeuMMGid.job = C:\Users\Waciakooo\AppData\Roaming\eeuMMGid.exe ==== ATTENTION
AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\ProgramData:NT2
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\Users\All Users:NT2
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT2
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2
AlternateDataStreams: C:\Users\Waciakooo\Application Data:NT
AlternateDataStreams: C:\Users\Waciakooo\Application Data:NT2
AlternateDataStreams: C:\Users\Waciakooo\AppData\Roaming:NT
AlternateDataStreams: C:\Users\Waciakooo\AppData\Roaming:NT2
GroupPolicy: Group Policy on Chrome detected ======= ATTENTION
HKU\S-1-5-21-4229318612-3395994372-762701520-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction ======= ATTENTION
HKU\S-1-5-21-4229318612-3395994372-762701520-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=ctid=CT3333887octid=EB_ORIGINAL_CTIDISID=MB92B4354-D5FB-4FBF-9196-8150945D4C00SearchSource=55CUI=UM=8UP=SP1872E11A-1531-47DE-80FA-BF7A9138E033D=082015SSPV=
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=dsts=1439981467z=22a2c3fc9daf5d3ecbb12a1g6zac6t0tfb8g8cfq5zfrom=faceuid=ST1000DM003-1ER162_S4Y0T0BWXXXXS4Y0T0BWq={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=dsts=1439981467z=22a2c3fc9daf5d3ecbb12a1g6zac6t0tfb8g8cfq5zfrom=faceuid=ST1000DM003-1ER162_S4Y0T0BWXXXXS4Y0T0BWq={searchTerms}
SearchScopes: HKLM - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www-searching.com/search.aspx?s=F8Hzamodk07934,5326b66c-70c7-4013-a27f-5fd3294f94ee,q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=dsts=1439981467z=22a2c3fc9daf5d3ecbb12a1g6zac6t0tfb8g8cfq5zfrom=faceuid=ST1000DM003-1ER162_S4Y0T0BWXXXXS4Y0T0BWq={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=dsts=1439981467z=22a2c3fc9daf5d3ecbb12a1g6zac6t0tfb8g8cfq5zfrom=faceuid=ST1000DM003-1ER162_S4Y0T0BWXXXXS4Y0T0BWq={searchTerms}
SearchScopes: HKU\S-1-5-19 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4229318612-3395994372-762701520-1000 - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www-searching.com/search.aspx?s=F8Hzamodk07934,5326b66c-70c7-4013-a27f-5fd3294f94ee,q={searchTerms}
SearchScopes: HKU\S-1-5-21-4229318612-3395994372-762701520-1000 - {015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=ctid=CT3333887octid=EB_ORIGINAL_CTIDISID=MB92B4354-D5FB-4FBF-9196-8150945D4C00SearchSource=58CUI=UM=8UP=SP1872E11A-1531-47DE-80FA-BF7A9138E033D=082015q={searchTerms}SSPV=SP30305TB_sp_ie
SearchScopes: HKU\S-1-5-21-4229318612-3395994372-762701520-1000 - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www-searching.com/search.aspx?s=F8Hzamodk07934,5326b66c-70c7-4013-a27f-5fd3294f94ee,q={searchTerms}
SearchScopes: HKU\S-1-5-21-4229318612-3395994372-762701520-1000 - {77A70A3B-7CDF-464A-8C58-83B8615E6D85} URL = hxxps://uk.search.yahoo.com/search?fr=chr-greentree_ieei=utf-8ilc=12type=435371p={searchTerms}
SearchScopes: HKU\S-1-5-21-4229318612-3395994372-762701520-1000 - {F52C63F0-4E24-45AF-99EA-7E95186CF7D3} URL = hxxp://www.istartsurf.com/web/?type=dsts=1439840001z=d50b3a8105eac0911b5ec5ag8z6c6t6b3cctctfeewfrom=faceuid=ST1000DM003-1ER162_S4Y0T0BWXXXXS4Y0T0BWq={searchTerms}
BHO-x32: TunePro360 - {5E04457F-D6D4-4A7E-8277-5EF1CA591CC7} - No File
Toolbar: HKU\S-1-5-21-4229318612-3395994372-762701520-1000 - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-4229318612-3395994372-762701520-1000 - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FF HKLM-x32\...\Firefox\Extensions: [{969a43f0-fd3b-4026-aa4b-af70ac7c9d9c}] - \distribution\bundles\{969a43f0-fd3b-4026-aa4b-af70ac7c9d9c}
FF HKLM-x32\...\Firefox\Extensions: [{88d83554-2fdc-4bb9-8dcd-f2d46d175f88}] - \distribution\bundles\{88d83554-2fdc-4bb9-8dcd-f2d46d175f88}
CHR Extension: (CinemaPlus-3.2cV24.08) - C:\Users\Waciakooo\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp [2015-08-24]
OPR Extension: (Sale Clipper) - C:\Users\Waciakooo\AppData\Roaming\Opera Software\Opera Stable\Extensions\odlhikpaegeblidjhkeefjdjegganhpg [2015-07-23]
OPR Extension: (CinemaPlus-3.2cV17.08) - C:\Users\Waciakooo\AppData\Roaming\Opera Software\Opera Stable\Extensions\papbadoldddalgcjcicnikcfenodpghp [2015-08-17]
R2 comyninu; C:\Program Files (x86)\069D52A0-1439838722-11D5-9C4D-382C4ABC997B\hnsv50BA.tmp [161792 2015-08-17] () [File not signed]
R2 hyverumu; C:\Program Files (x86)\069D52A0-1439838722-11D5-9C4D-382C4ABC997B\jnsg3A2C.tmp [209920 2015-08-17] () [File not signed]
S4 LMIRfsClientNP; no ImagePath
S3 catchme; \\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 FairplayKD; \\C:\ProgramData\MTA San Andreas All\Common\temp2\FairplayKD.sys [X]
S1 vksrxhnv; \\C:\Windows\system32\drivers\vksrxhnv.sys [X]
S3 xhunter1; \\C:\Windows\xhunter1.sys [X]
2015-08-25 10:28 - 2015-08-25 10:28 - 00000000 ____ D C:\Program Files (x86)\predm
2015-08-24 19:58 - 2015-08-24 19:58 - 00000000 ____ D C:\Users\Waciakooo\AppData\Local\Crossbrowse
2015-08-24 19:57 - 2015-08-24 19:57 - 00000000 ____ D C:\Users\Waciakooo\AppData\Roaming\istartsurf
2015-08-24 19:57 - 2015-08-24 19:57 - 00000000 ____ D C:\Program Files (x86)\Crossbrowse
2015-08-24 15:24 - 2015-08-24 20:00 - 00004490 _____ C:\Windows\System32\Tasks\cdbd17cf-4f24-4fc1-bc64-43b7c13b21db-5
2015-08-24 15:23 - 2015-08-25 10:18 - 00000000 ____ D C:\Program Files (x86)\CinemaPlus-3.2cV24.08
2015-08-24 15:23 - 2015-08-25 10:15 - 00000000 ____ D C:\Program Files (x86)\abb8e6eb-7db1-463e-8f2b-8338acf2ce5d
2015-08-24 15:23 - 2015-08-24 19:59 - 00008898 _____ C:\Windows\System32\Tasks\cdbd17cf-4f24-4fc1-bc64-43b7c13b21db-6
2015-08-24 15:23 - 2015-08-24 15:23 - 00000000 ____ D C:\Users\Waciakooo\AppData\Local\globalUpdate
2015-08-24 15:23 - 2015-08-24 15:23 - 00000000 ____ D C:\Program Files (x86)\globalUpdate
2015-08-24 15:22 - 2015-08-25 10:15 - 00000000 ____ D C:\Users\Waciakooo\AppData\Local\gmsd_gb_005010070
2015-08-24 15:22 - 2015-08-25 10:15 - 00000000 ____ D C:\Program Files (x86)\gmsd_gb_005010070
2015-08-24 10:02 - 2015-08-24 10:02 - 00613255 _____ (CMI Limited) C:\Users\Waciakooo\AppData\Local\nsy699A.tmp
2015-08-24 09:57 - 2015-08-25 10:15 - 00000000 ____ D C:\Users\Waciakooo\AppData\Local\gmsd_gb_005010069
2015-08-24 09:57 - 2015-08-25 10:15 - 00000000 ____ D C:\Program Files (x86)\gmsd_gb_005010069
EmptyTemp:
Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.